module Authentication
  
  def self.included(controller)
    controller.send :helper_method, :current_user, :logged_in?, :admin?
    controller.filter_parameter_logging :password
  end
  
  def current_user
    #@current_user ||= User.find(session[:user_id]) if session[:user_id]
    @current_user = User.find(1)
  end
  
  def logged_in?
    current_user
  end
  
  def admin?
    current_user && current_user.admin?
  end
  
  def login_required
    unless logged_in?
      flash[:error] = "You must first log in or sign up before accessing this page."
      redirect_to login_url
    end
  end
  
  def admin_required
    unless admin?
      flash[:error] = "Unauthorized to access this page."
      redirect_to root_url
    end
  end
  
  class String
    def to_md5
      Digest::MD5.hexdigest(self)
    end
  end
end